[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Question on inbound IPSEC policy check
At 11:38 AM -0700 5/2/03, Ramana Yarlagadda wrote:
>Hi,
>
>Shall we igonre the text note that i refered to in section 5.2.1 of rfc 2401.
>
>And if that is the case, then with the setup Jyothi has described the SA
>negotiation should fail.
>
>-ramana
As I mentioned, the text needs to be fixed and I described how I plan
to fix it, in general terms. I can't fault anyone for interpreting
the text in different ways, but I do believe that our goal should be
to prevent IPsec from behaving in a "surprising" fashion. Use that as
your guide, and you have a defensible position.
Steve